WebAuthn getPublicKey[Algorithm]() and getAuthenticatorData()

Security

Adds two accessors from the Web Authentication Level 2 spec that save sites from parsing Concise Binary Object Representation (CBOR) and CBOR Object Signing and Encryption (COSE) in order to use security keys.

Motivation

CBOR and COSE are somewhat obscure at this time and there's no need for most sites to have to worry about them as the browser is capable of translating them into more standard formats.

Documentation

Specification

Editor's draft

Status in Chromium

Blink>WebAuthentication


Enabled by default (tracking bug) in:

  • Chrome for desktop release 85
  • Chrome for Android release 85

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

  • Positive
  • No signal
  • No signal
  • No signals

Owner

Intent to Prototype url

Intent to Prototype thread

Search tags

webauthn getpublickey spki,

Last updated on 2020-10-25